Re: [Mikrotik] splitting subnets

[Scott Reed]

Either way should work.
Just for completeness, you can use address lists, too.

On 9/13/2011 5:29 PM, Josh Luthman wrote:

Not sure if you can do a range of IPs, I always did subnets.

Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373
On Sep 13, 2011 5:17 PM, "Bill Prince"<part...@skylinebroadbandservice.com>
wrote:

Yup, that's pretty close to what I'm saying. The new AP is on ether7,
and it's not part of a bridge.

The only chain I'm specifying is srcnat. The typical (almost generic)
NAT rule is like this:

add chain=srcnat action=masquerade out-interface=WAN

So I tried to add this:

add chain=srcnat action=masquerade in-interface=ether7
out-interface=ether1

That gave me the error.

Looks like the following will work?

add chain=srcnat action=masquerade out-interface=ether1
src-address=10.10.107.20-10.10.107.99





bp


On 9/13/2011 1:42 PM, Josh Luthman wrote:

You could src-address=10.2.3.0/24 if that's what you're asking?

What ingoing interface did you try? Is it part of a bridge? Why are you
specifying the output chain???

Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373


On Tue, Sep 13, 2011 at 4:35 PM, Bill Prince<
part...@skylinebroadbandservice.com>  wrote:

Hrrmmmm.

Setting up to do masquerade on just the interface this AP is on does not
work. It says "ingoing interface matching not possible in output and
postrouting chains".

So what do I do to just NAT for this group of subs? Is it possible to
match the source address from this subnet?



bp



On 9/9/2011 5:17 PM, Bill Prince wrote:

Well, the old AP is on ether2, and all the old SMs are there too and on
the /26 subnet.

The new AP is on ether7, and the new SMs will not talk to the old AP.

So

they will have to go somewhere, and I don't have enough spare IP

addresses

to just plunk down a new subnet on the new AP.

We're in the midst of getting a block of IPs from ARIN, and I don't

think

I will get the addresses before the AP/SM switch happens.

Just doing a NAT for the new guys until the switch is over might make

the

most sense...

bp


On 9/9/2011 4:21 PM, Scott Reed wrote:

You can not have 2 ports on the same device in the same subnet. It

won't

know which to use.
But, with what you are saying, why can't you just split the /26 into 2
/27s and be done?
Here is maybe the thing that is getting you. If you split the /26 into

2

/27s and put them on separate interfaces on the router, the router is

happy.

The clients can still have /27, PROVIDED their default gateway is the

same

half the subnet they are in. The clients can not talk to each other

because

they think they don't need to route. If the clients don't need to

talk,

this should be fairly easy.

On 9/9/2011 6:45 PM, Bill Prince wrote:

My thinking was that all the lower addresses (1-30) will be in the

/26,

and all the upper addresses (33-62) will be in the /27. Once they're

moved,

then I can go back and switch all the lowers to a /27.

This will all be on the same router (RB493). The /26 is on ether 2,

and

the /27 will be on ether 7. While I'm switching all the folks that

need to

go over to the new AP (which is on ether 7), I will have ether 2

configured

as the master for ether 7 (the old AP is on ether 2).

Actually, now that I think about it, it should only take me about 15

or

20 minutes to make both /27 subnets and just switch everyone

enmass...

bp


On 9/9/2011 3:13 PM, Scott Reed wrote:

Routing will be a problem.
How are you going to tell a router customer .1 is here, .5 is there,
etc.?
There are thousands of /26 networks available that are non-routing.
What about creating a new /26 out of 10.x.x.x and NAT it until you

get

everyone moved?

On 9/9/2011 5:34 PM, Bill Prince wrote:

We put up a new AP on a POP where we already have 6 operating APs.
The plan is to split off about 25 existing subscribers on one of

the old

APs and put them on this new AP.

So we have all the subs (about 50) in one /26 (x.y.x.0/26). The
ones we're going to move I need to put on a separate subnet, as

everything

is different, but I don't have enough IPs in a completely different

subnet

to just move them over at the moment.

Would there be an issue to create a new subnet (x.y.z.32/27), and

move

all the ones we want on the new AP to this subnet? This would

overlap with

the old subnet for the short time we're moving everyone.

Then after they're moved, I'll take the old x.y.z.0/26 and change

it

to x.y.z.0/27.

______________________________**_________________

Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/**mailman/listinfo/mikrotik<

http://www.butchevans.com/mailman/listinfo/mikrotik>

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
RouterOS

______________________________**_________________

Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/**mailman/listinfo/mikrotik<

http://www.butchevans.com/mailman/listinfo/mikrotik>

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
RouterOS

______________________________**_________________

Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/**mailman/listinfo/mikrotik<

http://www.butchevans.com/mailman/listinfo/mikrotik>

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
RouterOS

-------------- next part --------------
An HTML attachment was scrubbed...
URL:<

http://www.butchevans.com/pipermail/mikrotik/attachments/20110913/0d059420/attachment.html

_______________________________________________
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik

RouterOS

-------------- next part --------------
An HTML attachment was scrubbed...
URL:<

http://www.butchevans.com/pipermail/mikrotik/attachments/20110913/68173e1b/attachment.html

_______________________________________________
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik

RouterOS
-------------- next part --------------
An HTML attachment was scrubbed...
URL:<http://www.butchevans.com/pipermail/mikrotik/attachments/20110913/09a12b33/attachment.html>
_______________________________________________
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

--
Scott Reed
Owner
NewWays Networking, LLC
Wireless Networking
Network Design, Installation and Administration



Mikrotik Advanced Certified

www.nwwnet.net
(765) 855-1060
(765) 439-4253
(855) 231-6239


_______________________________________________
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS